ClawHub

Sag Andy27725

v1.0.0

ElevenLabs text-to-speech with mac-style say UX.

0· 95·0 current·0 all-time
by@andy27725
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (ElevenLabs TTS, mac-style say UX) align with requirements: the skill requires the 'sag' CLI and ELEVENLABS_API_KEY. These are the expected artifacts for a CLI wrapper that calls ElevenLabs.
Instruction Scope
SKILL.md instructs the agent to run the 'sag' CLI to generate audio and save to a local path (e.g., /tmp/voice-reply.mp3). It does not ask the agent to read unrelated files, harvest environment variables beyond the declared API key, or transmit data to unexpected endpoints. The instructions are scoped to TTS usage.
Install Mechanism
Install uses a Homebrew formula 'steipete/tap/sag'. Using a third-party tap is a reasonable install route for a CLI but carries slightly higher trust risk than an official repo or widely-known package; the install will create the 'sag' binary as declared.
Credentials
Only ELEVENLABS_API_KEY (primary) is required, with optional SAG_API_KEY and voice ID envs referenced. These credentials are proportional to a TTS integration. No unrelated secrets or config paths are requested.
Persistence & Privilege
The skill is not 'always' enabled and does not request persistent system privileges or modify other skills. It can be invoked autonomously (platform default), which is expected for a skill of this type.
Assessment
This skill appears to do what it says: it calls the local 'sag' CLI to send text to ElevenLabs and save playable audio. Things to consider before installing: (1) the Homebrew formula is from a third-party tap (steipete/tap) — only install if you trust that source; (2) the ELEVENLABS_API_KEY will be sent to ElevenLabs when generating audio, so avoid sending highly sensitive text; (3) generated files are written to /tmp by the examples, which may be accessible to other local users/processes — consider using a secure path if necessary; (4) rotate or scope the API key if you install for a limited purpose; and (5) verify the 'sag' binary you install matches the upstream project (homepage: https://sag.sh) if supply-chain risk is a concern.

Like a lobster shell, security has layers — review code before you run it.

latestvk9740dfta177egfm06ygcanz0n83hpy8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔊 Clawdis
Binssag
EnvELEVENLABS_API_KEY
Primary envELEVENLABS_API_KEY

Install

Install sag (brew)
Bins: sag
brew install steipete/tap/sag

Comments